camino-ev-charger
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation provides installation instructions via
npxfrom the author's GitHub repository andclawhub. These are standard installation methods for AI agent skills. - [COMMAND_EXECUTION]: The skill uses a shell script
scripts/ev-charger.shto facilitate API requests. The script properly validates JSON input usingjqand uses specific parameters to build the API query string, reducing risk of command injection. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by using an environment variable
CAMINO_API_KEYfor authentication. The instructions correctly guide the user to store this secret in their local configuration file rather than hardcoding it. - [DATA_EXFILTRATION]: Network operations are limited to the official API endpoint
api.getcamino.ai. There is no evidence of sensitive local files being accessed or transmitted.
Audit Metadata